FreshPorts - VuXML
This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2026-03-03 16:31:49 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
These are the vulnerabilities relating to the commit you have selected:
| VuXML ID | Description |
|---|
| c3e1df74-5e73-11f0-95e5-74563cf9e4e9 | GnuTLS -- multiple vulnerabilities
Daiki Ueno reports:
- libgnutls: Fix heap read buffer overrun in parsing X.509 SCTS timestamps
Spotted by oss-fuzz and reported by OpenAI Security Research Team,
and fix developed by Andrew Hamilton. [GNUTLS-SA-2025-07-07-1,
CVSS: medium] [CVE-2025-32989]
- libgnutls: Fix double-free upon error when exporting otherName in SAN
Reported by OpenAI Security Research Team. [GNUTLS-SA-2025-07-07-2,
CVSS: low] [CVE-2025-32988]
- certtool: Fix 1-byte write buffer overrun when parsing template
Reported by David Aitel. [GNUTLS-SA-2025-07-07-3,
CVSS: low] [CVE-2025-32990]
- libgnutls: Fix NULL pointer dereference when 2nd Client Hello omits PSK
Reported by Stefan Bühler. [GNUTLS-SA-2025-07-07-4, CVSS: medium]
[CVE-2025-6395]
Discovery 2025-07-09
Entry 2025-07-14
gnutls
< 3.8.10
CVE-2025-32989
CVE-2025-32988
CVE-2025-32990
CVE-2025-6395
https://lists.gnupg.org/pipermail/gnutls-help/2025-July/004883.html
|